UA EN RU
All topics
Topics
UA EN RU
Last news
Putin's Pseudo-Truce: The Independent Explained the Deception today, 08:45
Occupants launched a strike with drones and missiles on Konotop today, 06:16
Meat Grinder 2025: British Intelligence Predicts the Bloodiest Year of War for Russia today, 03:15
The NSDC revealed the consequences of the attack on the 'Strela' factory in Russia today, 02:05
Frontline situation as of May 4. General Staff report today, 00:02
Pakistan faces ammunition shortage due to supply to Ukraine yesterday, 23:22
Zelensky provided details of the meeting with the President of the Czech Republic yesterday, 22:39
Bolton called the US-Russia negotiations a 'disaster' over Witkoff yesterday, 22:15
Ukrainian maritime drones shot down two Su-30s for the first time: Budanov revealed details of the historic operation yesterday, 14:00
Why Swedish Combat Boats 90 are Important for Ukraine: An Intelligence Explanation yesterday, 13:56
The US Appeals Court has blocked the decision to restore the operation of 'Voice of America' yesterday, 04:55
Frogs in Boiling Water: US Admiral Makes Disturbing Statement about War with China over Taiwan yesterday, 04:15
Two planes a day: Zelensky commented on the successes of the Armed Forces of Ukraine and readiness for a ceasefire yesterday, 00:15
Diplomat states that Russia is forming a strike force for an attack on the Baltic States and Poland 03.05.2025
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 1467
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 1467
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Putin's Pseudo-Truce: Explanation from The Independent
Putin's Pseudo-Truce: The Independent Explained the Deception
today, 08:45 121
Drones and missiles attack Konotop
Occupants launched a strike with drones and missiles on Konotop
today, 06:16 189
Meat Grinder 2025: Assassination of Observers by Russian Forces
Meat Grinder 2025: British Intelligence Predicts the Bloodiest Year of War for Russia
today, 03:15 374
The consequences of the attack on the 'Strela' factory
The NSDC revealed the consequences of the attack on the 'Strela' factory in Russia
today, 02:05 443
Frontline as of May 4
Frontline situation as of May 4. General Staff report
today, 00:02 468
Pakistani ammunition design to Ukraine
Pakistan faces ammunition shortage due to supply to Ukraine
yesterday, 23:22 452

Advertising